![background image](http://html1.mh-extra.com/html/tp-link/tl-er604w/tl-er604w_user-manual_1144823101.webp)
-96-
Remote Subnet:
Specify IP address range on your remote network to identify
which PCs on the remote network are covered by this policy. It's
formed by IP address and subnet mask.
WAN:
Specify the local WAN port for this Policy. The "Remote
Gateway" of the remote peer should be set to the IP address of
this WAN port.
Remote Gateway:
Enter the Remote Gateway. It can be IP address or Domain
name.
Policy Mode:
Select the negotiation mode for the policy.
IKE: The parameters for the VPN tunnel are generated
automatically via IKE negotiations.
Manual: All settings (including the keys) for the VPN tunnel
are manually inputted and no key negotiation is needed.
IKE Mode
IKE Policy:
It is available when IKE is selected as the negotiation mode.
Specify the IKE policy. If there is no policy selection, add new
policy on
VPN
→
IKE
→
IKE Policy
page.
IPsec Proposal:
Select IPsec Proposal on IKE mode. Up to four IPsec Proposals
can be selected on IKE mode.
PFS:
Select the PFS (Perfect Forward Security) for IKE mode to
enhance security. This setting should match the remote peer.
With PFS feature, IKE negotiates to create a new key in
Phase2. As it is independent of the key created in Phase1, this
key can be secure even when the key in Phase1 is
de-encrypted. Without PFS, the key in Phase2 is created based
on the key in Phase1 and thus once the key in Phase1 is
de-encrypted, the key in Phase2 is easy to be de-encrypted, in
this case, the communication secrecy is threatened.
SA Lifetime:
Specify IPsec SA Lifetime for IKE mode.
Содержание TL-ER604W
Страница 1: ...TL ER604W Wireless N Gigabit Broadband VPN Router Rev1 0 1 1910010844...
Страница 163: ...4 Router B s Status page...
Страница 171: ...12...
Страница 178: ...19 Step 4 Right click on Phase 1 add a new phrase 2...
Страница 180: ...21 Step 6 Click Save and Apply and then right click on Phrase 2 Tunnel click on Open Tunnel...
Страница 181: ...22 Step 7 If the client connect to the VPN Server successfully you can see IPsec SA on the list...
Страница 192: ...33 Step 13 If client connect to the VPN Server successfully you can see IPsec SA on the list...
Страница 194: ...35 Router B s Status Page...
Страница 202: ...43 Choose Connect to a workplace and then click on Next Step 4 Select Use my Internet connection VPN...
Страница 204: ...45 Step 7 The VPN connection is created and ready to use click on Close...
Страница 206: ...47 Step 11 If the PPTP tunnel is established successfully you can check it on List of Tunnel...
Страница 211: ...52 Step 3 Choose Connect to a workplace and then click on Next...
Страница 212: ...53 Step 4 Select Use my Internet connection VPN...
Страница 214: ...55 Step 7 The VPN connection is created and ready to use click on Close...
Страница 217: ...58...